Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ea0de97f-7ee8-4ce0-b045-efac8c243c79/0/34362e3130322e3233322e302f32342d3234203d3e203231383539.roa
File: 34362e3130322e3233322e302f32342d3234203d3e203231383539.roa (raw, json)
Hash identifier: xmss+X7N7YEJYzsofqDqdmVc6hQlkz4fI2F5jzOV+w0=
Subject key identifier: AA:7D:62:58:92:4B:43:71:21:E8:FA:70:D9:31:E9:1A:94:66:0D:37
Certificate issuer: /CN=ed9edb2a15871785fbae38e23c38820dbfa2cca4
Certificate serial: 23D9A59901A9EF26D6A9251034FA1178F5AC29A3
Authority key identifier: ED:9E:DB:2A:15:87:17:85:FB:AE:38:E2:3C:38:82:0D:BF:A2:CC:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7Z7bKhWHF4X7rjjiPDiCDb-izKQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ea0de97f-7ee8-4ce0-b045-efac8c243c79/0/34362e3130322e3233322e302f32342d3234203d3e203231383539.roa
Signing time: Tue 21 Oct 2025 10:55:09 +0000
ROA not before: Tue 21 Oct 2025 10:50:09 +0000
ROA not after: Tue 20 Oct 2026 10:55:09 +0000
asID: 21859
IP address blocks: 46.102.232.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ea0de97f-7ee8-4ce0-b045-efac8c243c79/0/ED9EDB2A15871785FBAE38E23C38820DBFA2CCA4.crl
rsync://rsync.paas.rpki.ripe.net/repository/ea0de97f-7ee8-4ce0-b045-efac8c243c79/0/ED9EDB2A15871785FBAE38E23C38820DBFA2CCA4.mft
rsync://rpki.ripe.net/repository/DEFAULT/7Z7bKhWHF4X7rjjiPDiCDb-izKQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Oct 2025 01:06:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:d9:a5:99:01:a9:ef:26:d6:a9:25:10:34:fa:11:78:f5:ac:29:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed9edb2a15871785fbae38e23c38820dbfa2cca4
Validity
Not Before: Oct 21 10:50:09 2025 GMT
Not After : Oct 20 10:55:09 2026 GMT
Subject: CN=AA7D6258924B437121E8FA70D931E91A94660D37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:2d:78:b4:61:39:6a:7a:63:b0:dc:be:11:6d:
6a:c3:ec:95:7c:0f:62:07:ae:ae:25:df:4f:65:48:
e8:e6:b1:7c:57:64:70:02:6e:4d:d9:db:f2:bd:0f:
c6:87:1e:68:e5:53:ac:36:32:f1:f8:a7:53:3a:ad:
52:14:77:9a:a5:ce:48:92:85:75:b6:8b:2b:2a:2b:
38:ed:a9:60:61:af:45:60:ac:c9:87:73:18:dd:91:
af:82:2c:61:2f:24:89:71:9c:b4:c5:86:f0:0e:a7:
7b:0e:a5:16:6d:a6:4b:48:36:82:e2:b5:67:00:5c:
be:df:57:66:8f:fd:45:e3:1d:46:61:95:6b:49:2c:
9f:ff:76:43:bb:87:0a:19:50:e2:85:da:d5:3c:ba:
9d:a6:5c:2d:af:bf:18:21:66:2a:6e:a9:6b:54:37:
36:fa:9c:ff:09:f5:9e:1d:f7:66:15:d2:11:4c:9d:
55:33:69:d7:2a:ff:63:d1:15:9c:5a:b8:bf:c7:3c:
e7:20:1e:9c:7f:2d:20:db:eb:d4:af:cf:e9:9d:3a:
74:31:0a:2c:b3:f0:24:54:38:9c:ac:c8:58:7b:7e:
d8:f5:f2:45:de:42:08:c4:d1:19:9f:9b:d6:f4:15:
4b:e9:ba:77:06:66:9e:b8:cf:12:31:c7:c4:14:3c:
13:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:7D:62:58:92:4B:43:71:21:E8:FA:70:D9:31:E9:1A:94:66:0D:37
X509v3 Authority Key Identifier:
keyid:ED:9E:DB:2A:15:87:17:85:FB:AE:38:E2:3C:38:82:0D:BF:A2:CC:A4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ea0de97f-7ee8-4ce0-b045-efac8c243c79/0/ED9EDB2A15871785FBAE38E23C38820DBFA2CCA4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7Z7bKhWHF4X7rjjiPDiCDb-izKQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ea0de97f-7ee8-4ce0-b045-efac8c243c79/0/34362e3130322e3233322e302f32342d3234203d3e203231383539.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.102.232.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:42:6f:1c:cf:a5:c0:d8:0f:f4:8d:89:d9:e7:6b:9b:81:8d:
65:fa:5b:30:fc:51:ca:c2:15:5b:6a:4b:f9:db:4b:30:31:c5:
11:a5:83:3f:c3:9f:52:5c:d0:10:b4:eb:9c:56:15:ad:8a:b5:
65:fc:2b:bd:02:38:dc:62:1e:2b:9c:56:0b:f2:b6:c8:a2:f9:
ff:79:33:49:bd:10:7d:ed:d8:ad:eb:0a:ec:57:7b:42:0d:53:
3d:4c:02:e1:68:07:12:12:ad:6e:bf:8c:8e:62:ef:60:23:d6:
93:1d:08:51:1f:7d:13:03:9c:07:d4:01:5e:5b:ba:3b:33:af:
54:7a:7e:bb:e7:27:b8:17:44:80:73:32:30:75:bb:cf:5e:10:
91:7d:9f:7a:24:54:33:29:fb:13:b6:c5:05:09:c0:04:9b:41:
59:ca:cd:f6:21:ef:a3:c3:4c:b0:91:8d:9e:c0:42:4b:20:47:
15:54:6a:21:b1:37:f1:ef:c9:03:4a:62:bc:a5:54:25:0b:b3:
9e:2d:b2:8e:12:ed:c0:ff:58:8c:41:6e:fb:05:67:e6:63:26:
bc:2c:3b:ec:ce:61:8e:ec:d6:b4:17:c7:18:23:38:e3:55:88:
a2:81:d8:45:1c:0a:9b:0f:65:55:47:07:47:ca:11:49:65:fe:
67:20:2b:2c
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUI9mlmQGp7ybWqSUQNPoRePWsKaMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZWQ5ZWRiMmExNTg3MTc4NWZiYWUzOGUyM2MzODgyMGRi
ZmEyY2NhNDAeFw0yNTEwMjExMDUwMDlaFw0yNjEwMjAxMDU1MDlaMDMxMTAvBgNV
BAMTKEFBN0Q2MjU4OTI0QjQzNzEyMUU4RkE3MEQ5MzFFOTFBOTQ2NjBEMzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDILXi0YTlqemOw3L4RbWrD7JV8
D2IHrq4l309lSOjmsXxXZHACbk3Z2/K9D8aHHmjlU6w2MvH4p1M6rVIUd5qlzkiS
hXW2iysqKzjtqWBhr0VgrMmHcxjdka+CLGEvJIlxnLTFhvAOp3sOpRZtpktINoLi
tWcAXL7fV2aP/UXjHUZhlWtJLJ//dkO7hwoZUOKF2tU8up2mXC2vvxghZipuqWtU
Nzb6nP8J9Z4d92YV0hFMnVUzadcq/2PRFZxauL/HPOcgHpx/LSDb69Svz+mdOnQx
Ciyz8CRUOJysyFh7ftj18kXeQgjE0Rmfm9b0FUvpuncGZp64zxIxx8QUPBOHAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUqn1iWJJLQ3Eh6Ppw2THpGpRmDTcwHwYDVR0j
BBgwFoAU7Z7bKhWHF4X7rjjiPDiCDb+izKQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZWEwZGU5N2YtN2VlOC00Y2UwLWIwNDUtZWZhYzhjMjQz
Yzc5LzAvRUQ5RURCMkExNTg3MTc4NUZCQUUzOEUyM0MzODgyMERCRkEyQ0NBNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzdaN2JLaFdIRjRYN3JqamlQRGlDRGIt
aXpLUS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZWEwZGU5N2Yt
N2VlOC00Y2UwLWIwNDUtZWZhYzhjMjQzYzc5LzAvMzQzNjJlMzEzMDMyMmUzMjMz
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzgzNTM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LmboMA0GCSqGSIb3DQEBCwUAA4IBAQAvQm8cz6XA2A/0jYnZ52ubgY1l+lsw/FHK
whVbakv520swMcURpYM/w59SXNAQtOucVhWtirVl/Cu9AjjcYh4rnFYL8rbIovn/
eTNJvRB97dit6wrsV3tCDVM9TALhaAcSEq1uv4yOYu9gI9aTHQhRH30TA5wH1AFe
W7o7M69Uen675ye4F0SAczIwdbvPXhCRfZ96JFQzKfsTtsUFCcAEm0FZys32Ie+j
w0ywkY2ewEJLIEcVVGohsTfx78kDSmK8pVQlC7OeLbKOEu3A/1iMQW77BWfmYya8
LDvszmGO7Na0F8cYIzjjVYiigdhFHAqbD2VVRwdHyhFJZf5nICss
-----END CERTIFICATE-----
Generated at Sun Oct 26 07:56:12 2025 by rpki-client